On my server in microk8s I created a Kubernetes service which is exposed via NodePort, but it refuses the connection. I am not sure why. No matter if I try to telnet to the NodePort port (31000), it always refuses the connection. A similar service is provided by a microk8s addon (registry), which is listening on port 32000. Telnetting to this port from the host itself as well as from outside works fine. No firewall is running; ufw is disabled.
This is the service:
    apiVersion: v1
    kind: Service
    metadata:
      namespace: openvpn
      name: openvpn
      labels:
        app: openvpn
    spec:
      selector:
        app: openvpn
      type: NodePort
      ports:
      - name: openvpn
        nodePort: 31000
        port: 1194
        targetPort: 1194
    status:
      loadBalancer: {}
This is my deployment:
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      namespace: openvpn
      name: openvpn
      labels:
        app: openvpn
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: openvpn
      template:
        metadata:
          labels:
            app: openvpn
        spec:
          containers:
          - image: private.registry.com/myovpn:1
            name: openvpn-server
            imagePullPolicy: Always
            ports:
            - containerPort: 1194
            securityContext:
              capabilities:
                add:
                - NET_ADMIN
This is the created service:
    NAME      TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
    openvpn   NodePort   10.152.183.80   <none>        1194:31000/UDP   9m19s
And this is its description:
    Name:                     openvpn
    Namespace:                openvpn
    Labels:                   app=openvpn
                              app.kubernetes.io/managed-by=Helm
    Annotations:              meta.helm.sh/release-name: openvpn
                              meta.helm.sh/release-namespace: openvpn
    Selector:                 app=openvpn
    Type:                     NodePort
    IP Families:              <none>
    IP:                       10.152.183.80
    IPs:                      10.152.183.80
    Port:                     openvpn  1194/UDP
    TargetPort:               1194/TCP
    NodePort:                 openvpn  31000/UDP
    Endpoints:                10.1.246.217:1194
    Session Affinity:         None
    External Traffic Policy:  Cluster
    Events:                   <none>
The endpoint is present:
    NAME      ENDPOINTS           AGE
    openvpn   10.1.246.228:1194   110m
get nodes -o wide output:
    NAME       STATUS   ROLES    AGE   VERSION                     INTERNAL-IP       EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION     CONTAINER-RUNTIME
    hostname   Ready    <none>   24d   v1.20.7-34+df7df22a741dbc   194.xxx.xxx.xxx   <none>        Ubuntu 20.04.2 LTS   5.4.0-73-generic   containerd://1.3.7
The Dockerfile is mega simple. Just basics:
    FROM alpine:3
    ENV HOST=""
    RUN apk add openvpn
    RUN mkdir -p /opt/openvpn/sec
    COPY ./run.sh /opt/openvpn
    RUN chmod +x /opt/openvpn/run.sh
    COPY ./openvpn.conf /opt/openvpn
    COPY ./sec/srv.key /opt/openvpn/sec
    COPY ./sec/srv.crt /opt/openvpn/sec
    COPY ./sec/ca.crt /opt/openvpn/sec
    COPY ./sec/dh2048.pem /opt/openvpn/sec
    ENTRYPOINT ["/bin/sh", "/opt/openvpn/run.sh"]
And the run script:
    #!/bin/sh
    mkdir -p /dev/net
    mknod /dev/net/tun c 10 200
    openvpn --config /opt/openvpn/openvpn.conf --local 0.0.0.0
Nothing special. Any ideas why it does not work?